<?php

/**
 *
 * @package avp
 * @version $Id: $
 * @copyright (c) 2006 Jan-Willem van Ganswijk, Stefan van Essen
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 */

define('IN_SCRIPT', 'TRUE'); //OH NO GEEN HACKERS

$root = './';
$adminmode = false;
// ########################### hieronder geen gekloot ###########################
include($root . 'includes/common.inc.php');
include($root . 'includes/hotlinkcheck.inc.php');
include($root . 'includes/images.inc.php');

timer('maketime');

if (isset($_GET['admin'])) {
    $adminmode = true;
    include($root . 'includes/session.class.php');
    $session = new sessionWrapper();
    if (!$session->check_login())
        die();
}
$id = addslashes($_GET['id']);

$row = $db->query_first("SELECT * FROM `" . $db->get_table('avatar') . "` WHERE `id`='{$id}'  LIMIT 1");
if (!$row) {
    $imageid = $CONFIG['not_found_image']; // == notfoundimage
    $row['size_width'] = $CONFIG['not_found_dim_width'];
    $row['size_height'] = $CONFIG['not_found_dim_height'];
} elseif (($adminmode == true || check_hotlink($row['id'], $_SERVER['HTTP_REFERER'], $row['hc_mode'], $row['hc_domains']))) {
    $result = $db->query("SELECT * FROM `" . $db->get_table('sets') . "` WHERE `avatarid`='{$row['id']}'");
    $num_images = $db->get_num_rows($result);
    if ($num_images < 1) {
        $imageid = $CONFIG['not_found_image']; // == notfoundimage
    } elseif ($num_images == 1) {
        $set = $db->fetch($result);
        if ($set['imageid'] > 0) {
            $imageid = $set['imageid'];
        } else {
            $imageid = false;
            $pluginid = $set['pluginid'];
        }
    } else {
        $sets = array();
        while ($setrow = $db->fetch($result)) {
            $sets[] = $setrow;
        }
        $count = count($sets);
        $rand_int = rand(0, $count - 1);
        $randimage = $sets[$rand_int];
        if ($randimage['imageid'] > 0) {
            $imageid = $randimage['imageid'];
        } else {
            $imageid = false;
            $pluginid = $randimage['pluginid'];
        }
    }
    $db->free_result($result);
} else {
    $imageid = $CONFIG['not_allowed_image']; // == notallowedimage
}

if ($imageid == false) {
    $plugindata = $db->query_first("SELECT * FROM `" . $db->get_table('plugins') . "` WHERE `pluginid`='{$pluginid}' LIMIT 1");
    if (is_readable($root . 'plugins/' . $plugindata['plugindir'] . '/' . $plugindata['imagescript'])) {
        require($root . 'plugins/' . $plugindata['plugindir'] . '/' . $plugindata['imagescript']);
        $thumb = get_image($row['size_width'], $row['size_height'], $plugindata['arguments']);
    } else {
        die('Plugin could not be found');
    }
} else {
    $imagedata = $db->query_first("SELECT * FROM `" . $db->get_table('images') . "` WHERE `imageid`='{$imageid}' LIMIT 1");
    $filename = 'image-' . $imagedata['imageid'] . '.' . $imagedata['ext'];
    if ($imagedata['passthru'] == 1) {
        $row['output_format'] = 'passthru';
        $thumb = fopen($root . 'images/' . $filename, 'r');
    } else {
        list($origwidth, $origheight) = getimagesize($root . 'images/' . $filename);
        $source = getsource($filename);
        $thumb = imagecreatetruecolor($row['size_width'], $row['size_height']);
        switch ($row['resize_mode']) {
            case 'copy':
                imagecopy($thumb, $source, 0, 0, 0, 0, $origwidth, $origheight);
                break;
            case 'resize':
                imagecopyresized($thumb, $source, 0, 0, 0, 0, $row['size_width'], $row['size_height'], $origwidth, $origheight);
                break;
            default:
            case 'resample':
                imagecopyresampled($thumb, $source, 0, 0, 0, 0, $row['size_width'], $row['size_height'], $origwidth, $origheight);
                break;
        }
    }
}
switch ($row['output_format']) {
    case 'passthru':
        rewind($thumb);
        header('Content-type: ' . image_type_to_mime_type(IMAGETYPE_GIF));
        header("Content-Length: " . filesize($root . 'images/' . $filename));
        fpassthru($thumb);
        break;
    case 'jpg':
        header('Content-type: ' . image_type_to_mime_type(IMAGETYPE_JPEG));
        imagejpeg($thumb);
        break;
    case 'gif':
        header('Content-type: ' . image_type_to_mime_type(IMAGETYPE_GIF));
        imagegif($thumb);
        break;
    case 'png':
    default:
        header('Content-type: ' . image_type_to_mime_type(IMAGETYPE_PNG));
        imagepng($thumb);
        break;
}
if ($imagedata['passthru'] == 0) {
    imagedestroy($thumb);
    imagedestroy($source);
}
// update stats
if ($adminmode == true)
    $row['requestcount'] = $row['requestcount'] - 1;

$maketime = timer('maketime', 'stop', 10);

$db->query("UPDATE `" . $db->get_table("avatar") . "` SET `timer_total`='" . ($row["timer_total"] + $maketime) . "', `timer_times`='" . ($row["timer_times"] + 1) . "',`requestcount`='" . ($row['requestcount'] + 1) . "' WHERE `id`='{$id}' LIMIT 1");

?>